Staging: rtl8192e: rtllib_rx: checking NULL value after doing dev_alloc_skb

Checking the return of dev_alloc_skb as stated in the following bug:
https://bugzilla.kernel.org/show_bug.cgi?id=60401

Reported-by: RUC_Soft_Sec rucsoftsec@gmail.com
Cc: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Iker Pedrosa <ikerpedrosam@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/drivers/staging/rtl8192e/rtllib_rx.c b/drivers/staging/rtl8192e/rtllib_rx.c
index e75364e3eb434b7f8fae42cab33c7ce172991b5e..6a51f29e0737fd96ff9cfb3fd0f2c1628d57e811 100644 (file)
--- a/drivers/staging/rtl8192e/rtllib_rx.c
+++ b/drivers/staging/rtl8192e/rtllib_rx.c
@@ -777,6 +777,8 @@ static u8 parse_subframe(struct rtllib_device *ieee, struct sk_buff *skb,
 
                /* Allocate new skb for releasing to upper layer */
                sub_skb = dev_alloc_skb(RTLLIB_SKBBUFFER_SIZE);
+               if (!sub_skb)
+                       return 0;
                skb_reserve(sub_skb, 12);
                data_ptr = (u8 *)skb_put(sub_skb, skb->len);
                memcpy(data_ptr, skb->data, skb->len);
@@ -825,6 +827,8 @@ static u8 parse_subframe(struct rtllib_device *ieee, struct sk_buff *skb,
 
                        /* Allocate new skb for releasing to upper layer */
                        sub_skb = dev_alloc_skb(nSubframe_Length + 12);
+                       if (!sub_skb)
+                               return 0;
                        skb_reserve(sub_skb, 12);
                        data_ptr = (u8 *)skb_put(sub_skb, nSubframe_Length);
                        memcpy(data_ptr, skb->data, nSubframe_Length);